diff --git a/services/src/main/java/org/keycloak/headers/DefaultSecurityHeadersProvider.java b/services/src/main/java/org/keycloak/headers/DefaultSecurityHeadersProvider.java
index f519efbf44..7664628a8d 100644
--- a/services/src/main/java/org/keycloak/headers/DefaultSecurityHeadersProvider.java
+++ b/services/src/main/java/org/keycloak/headers/DefaultSecurityHeadersProvider.java
@@ -134,7 +134,9 @@ public class DefaultSecurityHeadersProvider implements SecurityHeadersProvider {
                 return true;
             }
             int status = responseContext.getStatus();
-            if (status == 201 || status == 204 || status == 301 || status == 302 || status == 303 || status == 400 || status == 401 || status == 403 || status == 404) {
+            if (status == 201 || status == 204 ||
+                status == 301 || status == 302 || status == 303 || status == 307 || status == 308 ||
+                status == 400 || status == 401 || status == 403 || status == 404) {
                 return true;
             }
             if (requestContext.getMethod().equalsIgnoreCase("OPTIONS")) {